Monday, December 24, 2012
4:33 PM

Configuration of LINUX Gateway Machine


First check that two network devices are attached properly.

Follow these steps to configure a Linux machine (CentOS, Fedora) as a gateway.


i)  Check that the devices eth0 and eth1 are available on the machine by running:

   [root@Xhost ]# ifconfig

It will display the details (IP, MAC, etc.) of the two network cards, eth0 and eth1.



ii)  Configure eth0 with the public network IP address. (/etc/sysconfig/network-scripts/ifcfg-eth0)


# cat ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
IPADDR=xx.xx.xx.xx  # IP ADDRESS of Public Network
NETMASK=255.255.255.0 # Provided by the ISP
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
GATEWAY=xx.xx.xx.1 # Provided by the ISP





iii)  Configure eth1 with the private network IP address. (/etc/sysconfig/network-scripts/ifcfg-eth1)


# cat ifcfg-eth1

BOOTPROTO=none
TYPE=Ethernet
DEVICE=eth1
NETMASK=255.255.0.0 # Specify based on your requirement
IPADDR=192.168.0.1 # Gateway of the LAN
NETWORK=192.168.0.0 # Optional
USERCTL=no
IPV6INIT=no
PEERDNS=yes
ONBOOT=yes




iv) Check eth0 and eth1 separately, like this:


 [root@Xhost ]# service network restart
:
:
 [root@Xhost ]# ifconfig eth1 down
 [root@Xhost ]# ping  xx.xx.xx.xx  # Ping any public ip
:
:
If the ping works, eth0 is fine; otherwise check the configuration of eth0.

Similarly, test eth1:


 [root@Xhost ]# service network restart
:
:
 [root@Xhost ]# ifconfig eth0 down
 [root@Xhost ]# ping  192.168.0.xx  # Ping any private ip
:
:


If both work, continue with the fifth step.




v)  Host Configuration (Optional)

# cat /etc/hosts
127.0.0.1 nat localhost.localdomain localhost




vi)  Gateway Configuration

# cat /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=nat
GATEWAY=xx.xx.xx.1 # Internet Gateway, provided by the ISP




vii)  DNS Configuration

# cat /etc/resolv.conf

nameserver xx.xx.xx.xx # Primary DNS Server provided by ISP
nameserver xx.xx.xx.xx # Secondary DNS Server provided by ISP



viii) NAT with iptables:

[root@Xhost ]# iptables -F  # Flush iptables 
[root@Xhost ]# iptables -t nat -F # Flush nat table
[root@Xhost ]# iptables -t mangle -F # Flush mangle table

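Set up the NAT and forwarding rules in iptables. MASQUERADE is only valid in the nat table's POSTROUTING chain, and the filter chain for routed traffic is named FORWARD:

[root@Xhost ]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[root@Xhost ]# iptables -A FORWARD -i eth1 -j ACCEPT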


ix) Enabling kernel IP forwarding

Check whether kernel IP forwarding is enabled:

[root@Xhost ]# sysctl -a | grep  net.ipv4.ip_forward
net.ipv4.ip_forward = 0

If the value is 0, set it to 1 with:

[root@Xhost ]# echo 1 > /proc/sys/net/ipv4/ip_forward

and edit /etc/sysctl.conf to make the change permanent:

[root@Xhost ]# vi /etc/sysctl.conf

# change this value from 0 to 1
net.ipv4.ip_forward=1



x) Apply configurations

[root@Xhost ]# service iptables save
[root@Xhost ]# service iptables restart
[root@Xhost ]#  chkconfig --list iptables  # on 3,5 runlevel
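
A check for steps viii and ix, added here as an example and not part of the original post: it reads `iptables-save` output and the ip_forward value and reports whether masquerading on eth0, forwarding from eth1 and kernel forwarding are all in place. The function names `check_gateway` and `sample_rules` and the sample ruleset are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit the gateway state from steps viii and ix.
# check_gateway IP_FORWARD [WAN_IF] [LAN_IF] reads iptables-save output on stdin.
# On the gateway: iptables-save | check_gateway "$(cat /proc/sys/net/ipv4/ip_forward)"
check_gateway() {
    awk -v fwd="$1" -v wan="${2:-eth0}" -v lan="${3:-eth1}" '
        # True when the current rule contains "<flag> <value>".
        function has(flag, value,    i) {
            for (i = 3; i < NF; i++)
                if ($i == flag && $(i + 1) == value) return 1
            return 0
        }
        /^\*/ { table = substr($1, 2) }   # table header: *nat, *filter, ...
        $1 != "-A" { next }               # only appended rules matter here
        table == "nat" && $2 == "POSTROUTING" &&
            has("-o", wan) && has("-j", "MASQUERADE") { masq = 1 }
        table == "filter" && $2 == "FORWARD" &&
            has("-i", lan) && has("-j", "ACCEPT") { lan_ok = 1 }
        END {
            bad = 0
            if (fwd != "1") { print "FAIL: net.ipv4.ip_forward is not 1"; bad = 1 }
            if (!masq) { print "FAIL: no MASQUERADE rule for " wan " in nat POSTROUTING"; bad = 1 }
            if (!lan_ok) { print "FAIL: no ACCEPT rule for " lan " in filter FORWARD"; bad = 1 }
            if (!bad) print "OK: NAT and forwarding are set as in steps viii and ix"
            exit bad
        }'
}

# Constructed sample in iptables-save format for a working gateway.
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth1 -j ACCEPT
COMMIT
EOF
}

sample_rules | check_gateway 1
```

A non-zero exit status means at least one of the three conditions is missing, and each missing one is named on its own FAIL line.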






Finally, the gateway is set up.

Now we need to test this gateway from any client system on the private network.
Log in to a client system and run:

ping 192.168.0.1;
ping  xx.xx.xx.xx # Any public IP
